RFI Flashcards

1
Q

DREAD

A

Quantifying risk by threat

2
Q

Integrity protection encompasses…

A

more than just data: also the OS, apps, and HW

3
Q

DREAD + STRIDE

A

Threat modeling techniques

4
Q

Categories of security investigations (3)

A

Public, Private, Individual

5
Q

Linux file system that supports journaling

A

EXT4

6
Q

Journaling file system consequence

A

Burns out the hard drive more easily

7
Q

Each process starts with…

A

A single thread that can create more threads

8
Q

A Windows job is…

A

A group of processes

9
Q

Is a Signature ID an artifact of IPS/IDS events?

A

Yes

10
Q

Netflow templates provide…

A

backward compatibility on Netflow-supporting systems

11
Q

IPFIX uses which transport protocol?

A

SCTP

12
Q

SILK, ELK, Graylog

A

Can be used for Netflow analysis

13
Q

Netflow cache types (3)

A

Normal, Immediate, Permanent

14
Q

IPFIX is based on which version of Netflow?

A

9

15
Q

Incident prioritization is part of which phase of the IR process?

A

Detection + Analysis

16
Q

Cisco ATA

A

MSSP

17
Q

PSIRT

A

Vendor CIRT

18
Q

E-PHI

A

Electronic PHI

19
Q

Deterministic analysis

A

You know and obtain facts about an incident

20
Q

Activity attack graph useful for…

A

Highlighting attackers' preferences and alternative attack paths

21
Q

First step in a forensic exercise

A

Collect and secure evidence

22
Q

Syslog port

A

UDP 514

23
Q

VERIS stands for

A

Vocabulary for Event Recording and Information Sharing

24
Q

How many people should know about a cyber crime investigation?

A

As few people as possible

25
Q

Resident Data

A

Data for very small files stored in the MFT.

26
Q

Cisco Adaptive Security Device Manager (ASDM)

A

Rule based firewall management

27
Q

DNScapy and DNSCAT2

A

DNS tunneling tools

28
Q

Goal of security awareness program

A

Provide understanding of risk and exposure

29
Q

What systems must be scanned for PCI DSS compliance?

A

All systems on isolated PCI network.

30
Q

Journaling Filesystems

A

EXT3/EXT4

NTFS

31
Q

Identifying attacking hosts is part of which IR phase?

A

Containment, Eradication, and Recovery

32
Q

CVSS Temporal score categories

A

Remediation Level
Report Confidence
Exploit Code Maturity

33
Q

PCI-DSS Compliance scan frequency

A

Quarterly

34
Q

SenderBase capabilities

A

Reputation of web/email servers
Threat ratings of known hosts
Sources sending malware

35
Q

Activity threads

A

Relationship between multiple diamonds in the Diamond Model

36
Q

BDA strategy

A

Part of kill chain. Strategy to defend Before, During, and After an attack.